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(57) Abstract: A smart card enabled mobile personal 
computing environment system stores a user* s 
personalized, fully functional, computing environment 
in a smart card. A user information database is 
provided that is resident on a server and contains the 
user records of a plurality of users containing personal 
computing environment data with the amount of data 
in the user record generally larger than the storage 
capacity of a smart card. The user to specifies the 
information required to configure the client to the 
user's preferred personal computing environment If 
the correct personal computing environment data is not 
resident in the smart card, the client queries the server 
for the information needed and updates the smart card 
with the new data. The user also manages his personal 
computing environment data stored on the smart card 
and the user information database. The server gives 
the client access to the user's records through a secure 
Web site. The user accesses his data, adds, modifies, 
and/or deletes information and transfers data to his 
smart card via the secure Web site. If the client has a 
slow or temporary connection with the server, the client 
is able to accommodate the user's data management 
needs by downloading the user's records stored on the 
server's user information database. The user can then 
manage his data without a connection to the server. 
Any changes to the user's records are later sent to the 
server to update the user information database. 
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Smart Card Enabled Mobile Personal Computing 

Environment System 

5 

CROSS REFERENCE TO RELATED APPLICATIONS 

This application Claims benefit of U.S. Provisional Patent Applications Serial No, 
60/185,276, filed on February 28, 2000 (2161 PRVBj and Serial No. 60/185,278, 
10 filed on February 28, 2000 (2161 PRVC). 

BACKGROUND OF THE INVENTION 

15 TECHNICAL FIELD 

The invention relates to mobile computing in a computer environment. More 
particularly, the invention relates to storing, managing, and retrieving a mobile 
computer user's personal computing environment in a smart card. 

20 

DESCRIPTION OF THE PRIOR ART 

The current computing environment requires users, in general, to physically carry 
25 either a laptop or a notebook portable computer in order to maintain a fully 
functional, truly personalized, computing environment when moving from place to 
place. Because laptop and notebook computers, though physically small, are 
comparatively bulky and heavy, mobile computer users continuously seek ever 
smaller and lighter devices that will provide and maintain their personalized 
30 computing environment. 
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An example of such a smaller and lighter device that has recently enjoyed signifi- 
cant commercial popularity is the personal digital assistant ("PDA"). However, 
even though PDAs are smaller and lighter than laptop or notebook computers 
5 and provide a personalized computing environment, they do not presently offer 
the full functionality of desktop, laptop or notebook portable computers. 

For example, when a PDA is removed from an environment in which a computer 
user has a fully functional computing environment, the PDA must first be loaded 
10 with an up-to-date image of data for pertinent portions of that environment, e.g., 
an address book, calendar, email, etc. Similarly, when a PDA returns to the fully 
functional computing environment, data in the PDA that has changed since 
leaving the fully functional computing environment must be transferred and/or 
synchronized from the PDA back into the user's regular computer and vice versa. 

15 

Desktop computers capable of accessing the Internet are ubiquitous in 
industrialized countries worldwide. A computer user, while traveling, can usually 
obtain access to such a computer and use that computer's Internet access to 
communicate worldwide. With sufficient data and appropriately configured, such 

20 computers could, in principle, provide mobile computer users with a fully 
functional personal computing environment. However, establishing a mobile 
computer user's fully functional computing environment at a remote or transitory 
location, e.g., in an airport kiosk or overnight lodging, requires error-free entry of 
a prodigious amount of highly detailed information to configure the local 

25 computer. 

The amount of information required to configure a local computer so it provides 
the mobile computer user's fully functional, personal computing environment is 
disproportionately large in comparison with the benefit obtained. Consequently, 
30 there presently does not exist any convenient hardware and software that 
permits mobile computer users to move from computer to computer anywhere in 
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the world, carrying with them their personalized, fully functional computing 
environment. 

Presently, smart cards are used primarily for facilitating financial transactions. 
5 However, because smart cards include at least a limited amount of non-volatile 
readable and writeable memory and may also include a programmable 
processor, they inherently possess a capability for use in applications other than 
financial transactions. Storing data into a smart card, accessing that data, and 
activating a smart card's processor to execute a computer program all require 
10 that the smart card be interconnected with some type of reader/terminal. This 
characteristic of smart cards limits the potential for broadening their use for 
mobile computing applications because, in general, there does not presently 
exjst an infrastructure that supports the use of smart cards for applications other 
than financial transactions. 

15' 

It would be advantageous to provide a smart card enabled , mobile personal 
computing environment system that allows a user to store and transport his 
personal computing environment in a smart card and to use the smart card to 
configure the computing environment of a computer. It would further be 
20 advantageous to provide a smart card enabled mobile personal computing 
environment system that creates an infrastructure for the management of a 
user's personal computing environment data on a smart card. 

25 SUMMARY OF THE INVENTION 

The invention provides a smart card enabled mobile personal computing 
environment system. The system allows a user to store, transport, and configure 
his personal computing environment via a smart card. In addition, the invention 
30 provides a secure infrastructure for the management of a user's personal 
computing environment data on a smart card. The user's personal computing 
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environment data is read from the smart card and used to configure a client 
computer. 

A preferred embodiment of the invention stores a user's personalized, fully 
5 functional, computing environment in a smart card. A user information database 
is provided that is resident on a server and contains the user records of a 
plurality of users. Each of the user records contain personal computing 
environment data. The amount of data in the user record is generally larger than 
the storage capacity of a smart card. 

10V 

The invention allows the user to specify the information required to configure the 
cjient to the user's preferred persona! computing environment, jf the correct 
personal computing environment data is not resident in the smart card, the client 
queries the server for the information needed and updates the smart card with 
15 the new data. If the smart card memory is filled, then the client will remove old 
indices from the smart card in a least recently used method until there is enough 
room to add the new data. 

The user can also manage His personal computing environment data stored on 
20 the smart card and the user information database. The user is allowed to 
increase the size of his user records to store more information and to create sets 
of personal computing environment data. 

The server gives the client access to the user's records through a secure Web 
25 site. The user accesses his data, adds, modifies, and/or deletes Information and 
transfers data to his smart card via the secure Web site. 

If the client has a slow or temporary connection with the server, the client is able 
to accommodate the user's data management needs. The client downloads the 
30 user's records stored on the server's user information database. The user can 
then manage his data without a connection to the server. Any changes to the 
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user's records are later sent to the server to ' update, the user Information 
database. 



A plurality of servers with redundant copies of the user inforrnation database are 
5 used in case of any server failures. One of the servers is designated the main 
local server of the user based on the user's usage patterns. The client performs 
load balancing among the servers when obtaining data and will automatically 
switch to another server if the main server fails or is otherwise inaccessible. 

10 Other aspects and advantages of the invention will become apparent from the 
following detailed description in combination with the accompanying drawings, 
illustrating, by way of example, the principles of the invention. 
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RRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a flowchart showing the execution flow of the client to server exchange 
5 when the user specifies the indices required for his personal computing 
environment according to the invention; 

Fig. 2 is a flowchart showing the execution flow of the client to server exchange 
when the user specifies the indices , required for his personal computing 
10 environment according to the invention; 

Fig. 3 is a flowchart showing the schema for managing a user's personal 

computing environment data between a server database and a smart card 

according to the invention; 

15 • ' 

Fig. 4 is a block schematic diagram showing the user's indices accessible on a 

client and a server according to the invention; 

Fig. 5 is a block schematic diagram showing the exchange of the user's indices 
20 between a client and a server according to the invention; 

Fig. 6 is a block schematic diagram showing the exchange of data between the 
user's smart card, a client, a server, and a redundant server when a user index is 
deleted according to the invention; 

25 

Fig. 7 is a block schematic diagram depicting a scenario when the server 
responsible for a particular user is switched when the user relocates according to 
the invention; 
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Fig. 8 is a block schematic diagram of a task-oriented viewpoint of a preferred 
embodiment of the invention illustrating the client and server tasks for a server- 
based data management system according to the invention; and 

5 Fig. 9 is a block schematic diagram of a task-oriented viewpoint of a preferred 
embodiment of the invention illustrating the client and server tasks for a client- 
based data management system according to the invention. 
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DETAILED DESCRIPTION OF THE INVENTION 

, .'.*■■ " * * ■ * * ■ . 

The invention is embodied in a smart card enabled mobile personal computing 
5 environment system in a computer environment. A system according to the 
invention allows a user to store, transport, and configure his personal computing 
environment via a smart card. In addition, the invention provides a secure 
infrastructure for the management of a user's personal computing environment 
data on a smart card. 

10 

The invention provides a mobile computer user with a system that is extremely 
compact, and yet permits the user to carry with him sufficient machine readable 
data to easily establish his fully functional mobile personal computing environ- 
ment anywhere in the world. 

15 

A preferred embodiment of the invention stores, in a smart card, sufficient 
information to permit characterizing a mobile computer user's personalized, fully 
functional computing environment. The information that the mobile personal 
computing environment supplies may differ from system to system. However, 
20 the amount of information stored in the smart card is sufficient to create a 
consistent computing environment for the user. Information such as operating 
system preferences, favorite Web sites, email addresses, credit card information, 
ISP information, program preferences, program environments, etc. are stored in 
the smart card. 

25 

Referring to Fig. 1, the user activates the invention's client computer program 
through an auto launch at boot-up 101 or through a manual launch 102 when he 
begins to use a client computer. A smart card reader/terminal is connected to, or 
resident in, the user's computer, reading the user's smart card. The client 
30 computer program retrieves indices from the smart card 103. The user specifies 
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to the invention the data needed to establish at least a portion of his mobile 
personal environment through the invention's user interface 104. 

The invention checks the smart card to determine if the specified data is present 
5 in the smart card's local memory 1 05. If the specified data is in the smart card's 
memory, then the invention retrieves the data from the smart card for 
subsequent use by the invention 106. If the specified data is not in the smart 
card's memory, then the invention accesses, via the Internet or other method, a 
secure server that stores additional data which more fully characterizes the 
10 mobile computer user's personalized, fully functional computing environment 
108. The invention then retrieves the specified data from the server for 
subsequent use by the invention 109 and updates the smart card data 110. If 
the data is not on the server 1 08, then it is new data from the user which must be 
recorded and used to access the Internet 1 1 1. 

15 

With respect to Fig. 2, having retrieved the required data either from the smart 
card, the server, or directly from the user, the client computer program uses the 
data to construct a Uniform Resource Locator (URL) 201 and, if possible, gather 
the username, password, and Internet site bookmark data needed to 
20 immediately and directly access an Internet site that constitutes at least some 
part of the mobile computer user's mobile personal environment 202. 

Using the data constructed in this way, the invention then builds a URL 
command and sends it to the Internet 203: The URL, username, password and 
25 Internet site bookmark data, if complete, permit the mobile computer user to log 
onto the specified Internet site 204 and proceed immediately to a specified page 
at that Internet site 205. If some information is incorrect or incomplete, interact, 
ing with the Internet site accessed by the URL, the mobile computer user can 
either enter, as required, the username, password, and Internet page data to 
access a desired Internet page 207, 208, or may supply that information through 
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a graphical user interface (GUI) that provides a drag and drop capability 210, 
211. 

Referring to Fig. 3, to initialize or update indices stored on the smart card, the 
5 user activates the invention's client computer program 301, 302, instructing the 
program to access, via the Internet or other method, the server that stores 
additional information which characterizes a mobile computer user's personal- 
ized, fully functional computing environment 303. The server permits the user to 
change data characterizing his personalized mobile personal environment 304, 
10 for example, adding a new Internet site to his environment. After the user 
specifies changes to be made in his mobile personal environment, the server 
links to the specified Internet site and determines updated indices for storage on 
the smart card 305. 

15 After linking to the specified Internet site and updating the computing 
environment information stored at the server 306, the invention attempts to 
update the indices stored on the user's smart card connected to his computer 
307. If the smart card memory is full 309, then one record is deleted from those 
stored in the smart card until the smart card has sufficient free memory to store 

20 the updated indices 31 1 , . the updated index is then written into the smart card's 
memory 310. Otherwise, if the smart card memory is not full 309, then the 
updated indices are immediately stored on the smart card 310. in addition to 
saving the updated indices on the smart card, the server also saves the updated 
index in its database which characterizes this mobile computer user's mobile 

25 personal environment 308. 

If the amount of unused storage in the server's database is sufficient to store the 
updated indices 312, then the information is stored in the database 313. 
Otherwise, the server first offers the user an opportunity to allocate more server 
30 storage for his indices 314. If the user declines the offer of additional storage, 
then the server deletes one record from the database until the server has 
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sufficient free memory to store the updated indices 316. The server then adds 
the updated index to the indices stored in the database 315. If the user accepts 
-the offer *pf additional storage 314Hhen the new 'index is added .tprthe server's 
database 315. The mobile computer user is able to initially specify and, as 
5 required, update data that characterizes his mobile personal environment. 

The user is allowed to create sets of indices when storing a larger amount of 
information on the server than is available on the user's smart card. The user 
cah then choose between different sets of information to be downloaded to his 
10 smart card. For example, the user can set his smart card, to his personalized 
mobile computer environment for his U.S. office, foreign office, or even his home. 

This allows the user to characterize each separate and distinct computer system 

that he uses. 



15 



20 



25 



30 



One skilled in the art will readily appreciate that although the mobile computer 
user's personalized computer environment is specifically mentioned above, any 
other type of information, such as personal data, financial data, operating 
system, computer personality, video arid/or audio data, etc., are easily 
substituted in its place. 

With respect to Fig. 4, the invention provides an infrastructure that permits using 
smart cards for applications other than financial transactions. The smart card 
404 is interconnected with a smart card reader/terminal that can communicate 
via the Internet, extranet, or intranet 402. Using this device 401, a computer 
user specifies characteristics for some computing function. Presuming that the 
reader/terminal is connected to the user's personal computer, an index for the 
specified computing function is stored into that computer's memory 403. Also, 
the index is stored both into the smart card 404 and into a server accessible via 
the Internet, extranet, or intranet 402, 405, 406. 



11 



OCID: <WQ 01 65360A2_I_> 



PCT/USOl/06710 ' 

WO 01/65360 

Referring to Fig. 5, in general, the smart card stores only a fraction of a computer 
user's total indices since smart cards possess only a limited amount of memory. 
When those •indices completely fill the avartable smait-card memory 504, addition 
of another index causes the least recently used index to be deleted from the 

5 smart card's memory 504. However, because the server may, in principle, store 
more indices 505 than the smart card 504, the index discarded from the smart 
card 504 can remain stored and accessible at the server 502, 506. In this way, 
the smart card 504 carries indices that characterize at least some fraction of 
computing functions specified by individual computer users 503, 505, thereby 

10 making those functions accessible to the computer user worldwide 506 at any 
suitably programmed smart card reader/terminal. 

With respect to Fig. 6, in accessing a pre-specified computer function, the smart 
card 604 is placed in a suitably programmed reader/terminal 601 from which the 

15 index stored in the smart card 604 is transferred to that reader/terminal or host 
computer device's memory 603. If the requested index is not present in the 
smart card's memory 604, the device 601 then accesses the server 602 via the 
Internet, extranet, or intranet 607 to retrieve the index that is stored there 606. 
Because retrieving a particular index from the server 602 makes it the most 

20 recently used index, the device 601 transfers the index both to the device's 
memory 603 and replaces the least recently used index 605 in the smart card's 
memory 604 with the most recently used index. If a new index is added to the 
server database 606 when the database 606 is full, the system either discards 
the least recently used index 608 or, if possible, gives the user the option to 

25 allocate more server storage for his records, as described above. 

Another preferred embodiment of the invention adds a backup server 609 that 
contains a consistent copy of the entire user database 606 served by the main 
server 602. If the main server 602 fails, the backup sen/er 609 takes over. The 
30 backup server's database 610 and external interface 611 are identical to the 
main server's 602 components. 
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Additionally, a plurality of servers can be used along with load balancing, to 
handle large amounts of client requests.- The client can perform <tts own load 
balancing among the servers by using, for example, the resppnse time (RTT) 
5 from each server to determine the best choice. If the main server serving the 
user fails or is otherwise inaccessible, then the client will automatically switch to 
another server. 

Referring to Fig. 7, to efficiently utilize server resources distributed at various 
locations throughout the world, the invention records places in the world from 
which a user accesses his mobile personal environment. Recording such data 
permits the server to reasonably determine that a user has moved from one 
place to another, e.g., from the United States to Japan. For example, if a user 
who had previously accessed his mobile personal environment 704 mostly from 
the United States 701, 702, 703 suddenly began accessing that environment 
704, 709 entirely from Japan 706, 707, 708 for an extended interval of time, e.g., 
one or two months, then the server 704 can reasonably determine that the user 
has moved from the United States to Japan. If the server 704 determines that 
the user has relocated his residence and if there exists another server 709 that is 
located physically closer to the user's hew residence, then the systems operating 
on both servers 704 , 709 effect a transfer of the user's mobile personal 
environment indices 705 from the more remote server 704 to the nearer server 
709. ' 

The invention allows mobile computer users to carry, on a single smart card, all 
the information required to characterize their mobile personal environment and to 
quickly establish their mobile personal environment anywhere in the world. 

With respect to Fig. 8, a high-level task viewpoint of a preferred embodiment of 
the invention is shown. The user plugs his Smart Card 805 into the smart card 
reader that is connected to, or resident in, the client computer. The Configure 
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Client System module 806 reads the Smart Card 805 through the Read/Write 
Smart Card module 803. the Configure Client System module 806 either 
automatically configures the client computer to the user's -personal computing 
environment or queries the user through the User Interface 802 for the 
5 information needed from the Smart Card 805 to configure the user's personal 
computing environment (as described above), depending on the user's 
preference settings. 

The user can also manage the indices stored on his Smart Card 805 and the 
10 Server Database 811. The Server Interface module 801 communicates with the 
secure server containing the user's information. The communication is through 
the secure Web site provided by the Manage User Information module 807 on 
the server. The Manage User Information module 807 displays the user's 
indices stored on the Server Database 811, The user requests his indices 
15 through the secure Web site. His indices are retrieved from the Server Database 
811 by the Lookup User Information module 810. The Lookup User Information 
module 810 relays the index information to the Manage User Information module 
807. The indices resident on the user's Smart Card 805 are sent to the Manage 
User Information module 807 through the Server Interface 801 . The smart card 
20 indices are compared with the user's indices from the Server Database 81 1 by 
the Compare User Information module 808, which correlates and compares any 
differences between the two sources; The Manage User Information module 807 
displays the information to the user through a secure Web page. 

25 The user can create (for new users), add, delete, and update his indices through 
the User Interface module 802 connection to the secure Web page. The Server 
Database 811 indices are updated through the Update User Record module 809. 
Smart Card indices are updated by the Manage User Information module 807 
through the Server Interface 801 . The Server Interface 801 sends the update 

30 information to the Update Smart Card module 804. The Update Smart Card 
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module 804 writes the information to the Smart Card 805 through the Read/Write 
Smart Card Module 803. 

In the case of multiple servers, the Server Database 811 is redundantly stored 
5 among other servers. The Server Database 81 1 is updated with information 
from other servers by the Manage Server Database module 812. Any new 
updates to the Server Database 81 1 that are initiated locally are sent out to other 
servers by the Manage Server Database module 812. 

0 Additionally, any transfers of user index records from one server to a more local 
server (in case of the usdr relocating to another location) is performed by the 
Manage Server Database module 812. 

Referring to Fig. 9, another preferred embodiment of the invention is shown that 
performs that same basic functions as those described in Fig. 8, except that the 
client has a server connection that is most likely temporary in nature, e.g., a 
dialup modem connection. The difference in operation between Figs. 8 and 9 is 
when the user manages his indices on his smart card and server database. The 
client connects to the Client Interface module 908 on the server through the 
Manage User Information module 901, resident on the client. The Client 
Interface 908 collects the user's indices for the Manage User Information module 
901. The user's records are retrieved frorp the Server Database 911 by the 
Lookup User Information module 910. 

Once the user's indices are received by the Manage User Information module 
901, the client can disconnect from the server and the user manages his indices 
offline with the client. The Compare User Information module 907 operates in 
the same manner as described above. The information obtained from the Server 
Database 91 1 and the Smart Card 905 are displayed to the user through the 
User Interface 902. After the user has updated his indices and any changes to 
the user's records on the Server Database 911 are required, the client 
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reconnects with the server's Client Interface 908. The Server Database 91 1 is 
updated with any changes by the Update User Record module 909. 

Yet another preferred embodiment of the invention encrypts the entire Server 
5 Database 91 1. Each user record is individually encrypted such that if one user 
record is accessed and decrypted by a hacker, the other user records will not be 
compromised in any way. The actual encryption of a user record is performed by 
the client. The Manage User information module 901 retrieves the user's 
encrypted record from the server. If this fails, then the user must, create a new 
10 record to access. The server looks up, using the Smart Card's 905 ID, and 
retrieves the user's record through the Lookup User Information module 910. 
The server does not know what the contents of the record are, only that the 
record belongs to the user (much like a safety deposit box). The record is sent 
back to the client via the Client Interface module 908. 

15 

The Manage User Information module 901 decrypts the user record using the 
Smart Card 905 encryption key information stored in the Smart Card 905. Each 
smart card is unique and the encryption key only exists on a particular smart 
card and not on the server. Once the user has completed any changes to the 
20 indices in the record, the Manage User Information module 901 encrypts the 
user record using the encryption key on the Smart Card 905 and sends the 
record back to the server. The Client Interface module 908 sends the encrypted 
record to the Update User Record module 909 which replaces the user record in 
the Server Database 91 1 with the new encrypted user record. 

25 

This approach ensures that there is a one-to-one mapping of user records to 
smart cards; each user record in the Server Database 9i 1 can only be decrypted 
by a specific smart card. It also ensures that the Server Database 91 1 is secure 
and cannot be easily compromised. The intruder would have to physically have 

30 every existing smart card to crack the entire database. 
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If a user loses his smart card, then there is a procedure where the smart card 
can be morphed, or recreated. The user inserts a new Smart Card 905 into the 
* client system: The system through the User Interface module 902 has the user • 
enter in his personal information in the same manner as when he first created his 
5 original smart card. The new Smart Card 905 is then initialized and the 
encryption key is recreated, the new smart card's ID is sent to the Client 
Interface module 908 from the User Interfaqe module 902 via the Manage User 
Information module 901 . The Update User Record module 909 removes the 
original smart Card's ID from the user's record on the Server Database 91 1 and 
10 replaces it with the new smart card's ID. Once that is completed, the User 
Interface module 902 then places the encryption key in the new Smart Card 905 
via the Read/Write Smart Card module 903. The user's smart card has now 
been recreated and the original smart card disabled. 

15 The server has the ability to simultaneously perform the server functions 
described in Figs. 8 and 9. This allows the server to handle both secure Web 
access and clients that have temporary server connections. 

One skilled in the art will readily appreciate that although the client and server 
20 functionality are described separately above, both the client and server can 
reside on the same physical machine. 

Although the invention is described herein with reference to the preferred 
embodiment, one skilled in the art will readily appreciate that other applications 
25 may be substituted for those set forth herein without departing from the spirit and 
scope of the present invention. Accordingly, the invention should only be limited 
by the Claims included below. 
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CLAIMS 



1 . A process for storing, managing, and retrieving a mobile computer user's 
5 personal computing environment, transportable via a smart card, in a computer 

environment, comprising the steps of: 
providing a smart card; 

reading the user's personal computing environment data from said smart 

card; 

10 configuring a client according to said personal computing environment 

data; and 

wherein said personal computing environment data includes, but is not 
limited to: operating system preferences, favorite Web sites, email addresses, 
credit card information, ISP information, program preferences, and prdgram 
15 environments. 

2. The process of claim 1, wherein said reading step further comprises the 
steps of: 

accepting user input specifying the information required to configure said 
20 client to the user's preferred personal computing environment; and 

retrieving the correct personal computing environment data from a server 

if said smart card does not have sufficient information to configure said client to 
the user's preferred personal computing environment. 

25 3. The process of claim 2, further comprising the step of: 

storing said correct personal computing environment data on said smart 

card. 

4. The process of claim 1 , further comprising the step of: 
30 providing a user information database resident on a server; 
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wherein said user information database contains the user records of a 
plurality of users; and 

wherein said user records contain personal computing environment data 
of a size that can be larger than the storage capacity of said smart card. 

5. The process of claim 4, further comprising the step of: 
providing user record management means for allowing the user to 

manage the personal computing environment data stored on said smart card and 
said user information database. 

6. The process of claim 5, wherein said user record management means 
reside on said client, and wherein said client connects with said server to retrieve 
the user's records. 

15 7. The process of claim 5, wherein said user record management means 
reside on said server, and wherein said client connects with said server through 
a secure Web site. 

8. The process of claim 5, wherein said user record management means 
20 gives the user an option to expand the storage capacity of the user's user record 

on said user information database. 

9. The process of claim 5, wherein said user record management means 
allows the user to define sets of personal computing environment data. 

25 

10. The process of claim 4, wherein a plurality of servers contain redundant 
copies of said user information database. 

11. The process of claim 10, wherein said client performs load balancing 
30 between said plurality df servers when obtaining user records. 
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12. The process of claim 10; wherein a server is designated as the user's 
main local server. 

13. The process of claim 12, wherein said main server is dynamically selected 
5 based on the user's usage patterns. 

14. The process of claim 12, wherein said client automatically switches to 
another server if said main server fails or is inaccessible. 

10 15. The process of claim 4, wherein each of said user records is encrypted 
using an encryption key from the specific owner's smart card, and wherein each 
of s^id specific smart card contains a unique encryption key resident only on said 
specific smart card. 

15 16. The process of claim 15, wherein the encryption and decryption of a user 
record occurs on said client, and wherein said user records are only transferred 
between said client and said server in encrypted form. 

17. The process of claim 1, further comprising the step of: 
20 providing morphing means for recreating a user's lost smart card. 

18 Ah apparatus for storing, managing, and retrieving a mobile computer 
user's personal computing environment, transportable via a smart card, in a 
computer environment, comprising: 
25 a smart card; 

a module for reading the user's personal computing environment data 

from said smart card; 

a module for configuring a client according to said personal computing 

environment data; and 
30 wherein said personal computing environment data includes, but is not 

limited to: operating system preferences, favorite Web sites, email addresses, 
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credit card information, ISP information, program preferences, and program 
environments. 

19. The apparatus of claim 18, wherein said reading module further 
5 comprises: 

a module for accepting user input specifying the information required to 
configure said client to the user's preferred personal computing environment; 
and ■ 

a module for retrieving the correct personal computing environment data 
10 from a server if said smart card does not have sufficient information to configure 
said client to the user's preferred personal computing environment. 

20. The apparatus of claim 19, further comprising: 

a module for storing said correct personal computing environment data on 
15 said smart card. 

21. The apparatus of claim 18, further comprising: 

a user information database resident on a server; 
wherein said user information database contains the user records of a 
20 plurality of users; and 

wherein said user records contain personal computing environment data 
of a size that can be larger than the storage capacity of said smart card. 

22. The apparatus of claim 21, further comprising: 

25 user record management means for allowing the user to manage the 

personal computing environment data stored on said smart card and said user 
information database. 

23. The apparatus of claim 22, wherein said user record management means 
30 reside on said client, and wherein said client connects with said server to retrieve 

the user's records. 
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24. The apparatus of claim 22, wherein said user record management means 
reside on said server; and wherein said client-connects with said server through 
a secure Web site. 

5 

22. The apparatus of claim 22, wherein said user record management means 
gives the user an option to expand the storage capacity of the user's user record 
on said user information database. 

10 25: The apparatus of claim 22, wherein said user record management means 
allows the user to define sets of personal computing environment data. 

26. The apparatus of claim 21, wherein a plurality of servers contain 
redundant copies of said user information database. 

15 

27. The apparatus of claim 26, wherein said client performs load balancing 
between said plurality of servers when obtaining user records. 

28. The apparatus of claim 26, wherein a server is designated as the user's 
20 main local server. 

29. The apparatus of claim 28, wherein said main server is dynamically 
selected based on the user's usage patterns. 

25 30. The apparatus of claim 28, wherein said client automatically switches to 
another server if said main server fails or is inaccessible. 

31 . The apparatus of claim 21 , wherein each of said user records is encrypted 
using an encryption key from the specific owner's smart card, and wherein each 
30 of said specific smart card contains a unique encryption key resident only on said 
specific smart card. 
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32. The apparatus of claim 31, wherein the encryption and decryption of a 
user" record occurs on said client, and wherein said user -records are only 
transferred between said client and said server in encrypted form. 

5 

33. The apparatus of claim 18, further comprising: 
morphing means for recreating a user's lost smart card. 

34. A process for storing, managing, and retrieving a mobile computer user's 
10 personal computing environment, transportable via a smart card, in a computer 

environment, comprising the steps of: 

providing reading means connected to a client for reading the user's 
personal computing environment data from said smart card; 

providing means for configuring said client according to said personal 
15 computing environment data; 

providing a user information database resident on a server; 

wherein said user information database contains the user records of a 
plurality of users; 

Wherein said user records contain personal computing environment data 
20 of a size that can be larger than the storage capacity of said smart card; 

wherein said personal computing environment data includes, but is not 
limited tb: operating system preferences, favorite Web sites, email addresses, 
credit card information, ISP information, program preferences, and program 
environments; < 

25 providing user record management means for allowing the user to 

manage the personal computing environment data stored on said smart card and 
said user information database; and 

providing smart card storing means for storing a portion of said user 
records on said smart card. 

30 
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35. The process of claim 34, wherein said user record management means 
reside on said client, and wherein said client retrieves the user's records from 
■ •- said server. 

5 36. The process of claim 34, wherein said user record management means 
reside on said server, and wherein said client connects with said server through 
a secure Web page. 

37. The process of claim 34, wherein each of said user records is encrypted 
10 using an encryption key from the specific owner's smart card, and wherein each 

of said specific smart card contains a unique encryption key resident only on said 
specific smart card. 

38. The process of claim 37, wherein the encryption and decryption of a user 
15 record occurs on said client, and wherein said user records are only transferred 

between said client and said server in encrypted form. 

39. The process of claim 34, further comprising the step of: 
providing morphing means for recreating a user's lost smart card. 

20 

40. An apparatus for storing, managing, and retrieving a mobile computer 
user's personal computing environment, transportable via a smart card, in a 
computer environment, comprising the steps of: 

reading means connected to a client for reading the user's personal 
25 computing environment data from said smart card; 

means for configuring said client according to said personal computing 
environment data; 

a user information database resident on a server; 

wherein said user information database contains the user records of a 
30 plurality of users; 
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wherein said user records contain personal computing environment data 
of a size that can be larger than the storage capacity of said smart card; 

wherein said personal computing environment data includes, but is not 
limited to: operating system preferences, favorite Web sites, email addresses, 
credit card information, !SP information, program preferences, and program 
environments; 

user record management means for allowing the user to manage the 
personal computing environment data stored on said smart card and said user 
information database; and 

smart card storing means for storing a portion of said user records on said 
smart card. 

41. The apparatus of claim 40, wherein said user record management means 
reside on said client, and wherein said client retrieves the user's records from 

15 said server. 

42. The apparatus of claim 40, wherein said user record management means 
reside on said server, and wherein said client connects with said server through 
a secure Web page. 

20 

43. The apparatus of claim 40, wherein each of said user records is encrypted 
using an encryption key from the specific owner's smart card, and wherein each 
of said specific smart card contains a unique encryption key resident only on said 
specific smart card. 

25 

44. The apparatus of claim 43, wherein the encryption and decryption of a 
user record occurs on said client, and wherein said user records are only 
transferred between said client and said server in encrypted form. 

30 45. The apparatus of claim 40, further comprising: 

morphing means for recreating a user's lost smart card. 

25 
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